
Example 31 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project cloudbreak by hortonworks.

the class KeyStoreUtil method createKeyPair.

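/**
 * Builds a JCA {@link KeyPair} from PEM text holding an unencrypted RSA key pair.
 *
 * <p>The text is parsed with {@link PEMParser}. The private half is re-encoded as PKCS#8 and the
 * public half as X.509 SubjectPublicKeyInfo, and both are handed to the JCA {@code "RSA"}
 * {@link KeyFactory}. Only a {@link PEMKeyPair} is accepted: empty input and any other PEM object
 * are rejected with a checked exception instead of a {@code NullPointerException} or
 * {@code ClassCastException}.
 *
 * @param clientKey PEM text containing the key pair
 * @return the decoded key pair
 * @throws IOException if the PEM text cannot be read or parsed
 * @throws InvalidKeySpecException if the text does not hold an unencrypted key pair, or the
 *         encoded key is not accepted by the RSA key factory
 * @throws NoSuchAlgorithmException if no RSA {@link KeyFactory} is available
 */
public static KeyPair createKeyPair(String clientKey) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
    try (Reader reader = new StringReader(clientKey); PEMParser pemParser = new PEMParser(reader)) {
        Object parsed = pemParser.readObject();
        if (!(parsed instanceof PEMKeyPair)) {
            // readObject() returns null when no PEM object is present and other types for other
            // PEM headers. Report only the type, never the key text itself.
            String found = parsed == null ? "no PEM object" : parsed.getClass().getName();
            throw new InvalidKeySpecException("Expected an unencrypted PEM key pair but found " + found);
        }
        PEMKeyPair pemKeyPair = (PEMKeyPair) parsed;
        byte[] pemPrivateKeyEncoded = pemKeyPair.getPrivateKeyInfo().getEncoded();
        byte[] pemPublicKeyEncoded = pemKeyPair.getPublicKeyInfo().getEncoded();

        // The algorithm is fixed to RSA; a non-RSA key pair fails in the factory calls below.
        KeyFactory factory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = factory.generatePublic(new X509EncodedKeySpec(pemPublicKeyEncoded));
        PrivateKey privateKey = factory.generatePrivate(new PKCS8EncodedKeySpec(pemPrivateKeyEncoded));
        return new KeyPair(publicKey, privateKey);
    }
}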
Also used : KeyPair(java.security.KeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKey(java.security.PrivateKey) PEMParser(org.bouncycastle.openssl.PEMParser) PublicKey(java.security.PublicKey) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) KeySpec(java.security.spec.KeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) StringReader(java.io.StringReader) Reader(java.io.Reader) StringReader(java.io.StringReader) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) KeyFactory(java.security.KeyFactory)

Example 32 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project credhub by cloudfoundry-incubator.

the class PrivateKeyReader method getPublicKey.

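/**
 * Derives the public key from PEM text that holds an unencrypted key pair.
 *
 * <p>Only a {@link PEMKeyPair} is accepted. Anything else the parser returns, including
 * {@code null} for input without a PEM object, is rejected as an unsupported format.
 *
 * @param privateKeyPem PEM text of the private key
 * @return the public key contained in the parsed key pair
 * @throws IOException if the PEM text cannot be parsed or the key cannot be converted
 * @throws UnsupportedFormatException if the parsed object is not a {@link PEMKeyPair}
 */
public static PublicKey getPublicKey(String privateKeyPem) throws IOException, UnsupportedFormatException {
    Object parsed;
    // try-with-resources closes the parser even when readObject() throws.
    try (PEMParser pemParser = new PEMParser(new StringReader(privateKeyPem))) {
        parsed = pemParser.readObject();
    }
    if (!(parsed instanceof PEMKeyPair)) {
        throw new UnsupportedFormatException("format of private key is not supported.");
    }
    SubjectPublicKeyInfo publicKeyInfo = ((PEMKeyPair) parsed).getPublicKeyInfo();
    return new JcaPEMKeyConverter().getPublicKey(publicKeyInfo);
}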
Also used : PEMParser(org.bouncycastle.openssl.PEMParser) StringReader(java.io.StringReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)

Example 33 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project credhub by cloudfoundry-incubator.

the class PrivateKeyReader method getPrivateKey.

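/**
 * Converts PEM text that holds an unencrypted key pair into a JCA {@link PrivateKey}.
 *
 * <p>Only a {@link PEMKeyPair} is accepted. Anything else the parser returns, including
 * {@code null} for input without a PEM object, is rejected as an unsupported format.
 *
 * @param privateKeyPem PEM text of the private key
 * @return the private key contained in the parsed key pair
 * @throws IOException if the PEM text cannot be parsed or the key cannot be converted
 * @throws UnsupportedFormatException if the parsed object is not a {@link PEMKeyPair}
 */
public static PrivateKey getPrivateKey(String privateKeyPem) throws IOException, UnsupportedFormatException {
    Object parsed;
    // try-with-resources closes the parser even when readObject() throws.
    try (PEMParser pemParser = new PEMParser(new StringReader(privateKeyPem))) {
        parsed = pemParser.readObject();
    }
    if (!(parsed instanceof PEMKeyPair)) {
        throw new UnsupportedFormatException("format of private key is not supported.");
    }
    PrivateKeyInfo privateKeyInfo = ((PEMKeyPair) parsed).getPrivateKeyInfo();
    return new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo);
}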
Also used : PEMParser(org.bouncycastle.openssl.PEMParser) StringReader(java.io.StringReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Example 34 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project midpoint by Evolveum.

the class RemoteModuleWebSecurityConfiguration method getPrivateKey.

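/**
 * Decodes the private key stored in {@code key} into a JCA {@link PrivateKey}.
 *
 * <p>The key text and passphrase are first decrypted with {@code protector}. The PEM text may be
 * an encrypted or unencrypted key pair, an unencrypted PKCS#8 {@link PrivateKeyInfo}, or an
 * encrypted PKCS#8 structure. The passphrase is used only for the two encrypted forms; an absent
 * passphrase is treated as the empty string.
 *
 * <p>Exception messages name only the type of the parsed object. The key value is never included,
 * so it cannot end up in logs.
 *
 * @param key holder of the protected private key and passphrase; may be {@code null}
 * @param protector used to decrypt the stored key text and passphrase
 * @return the private key, or {@code null} when {@code key} is {@code null} or holds no key text
 * @throws EncryptionException if no PEM object is found or its type is not supported
 * @throws IOException if the PEM text cannot be parsed or converted
 * @throws PKCSException if an encrypted PKCS#8 key cannot be decrypted
 * @throws OperatorCreationException if the PKCS#8 decryptor cannot be built
 */
protected static PrivateKey getPrivateKey(AbstractSimpleKeyType key, Protector protector) throws EncryptionException, IOException, PKCSException, OperatorCreationException {
    if (key == null) {
        return null;
    }
    String stringPrivateKey = protector.decryptString(key.getPrivateKey());
    String stringPassphrase = protector.decryptString(key.getPassphrase());
    if (!hasText(stringPrivateKey)) {
        return null;
    }

    Object obj;
    // try-with-resources closes the parser even when readObject() throws.
    try (PEMParser parser = new PEMParser(new CharArrayReader(stringPrivateKey.toCharArray()))) {
        obj = parser.readObject();
    }

    JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
    if (obj == null) {
        // Do not append key.getPrivateKey() here: exception messages are routinely logged.
        throw new EncryptionException("Unable to decode PEM key: no PEM object found");
    } else if (obj instanceof PEMEncryptedKeyPair) {
        // Encrypted key pair - decrypt with the provided passphrase
        PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) obj;
        char[] passarray = (ofNullable(stringPassphrase).orElse("")).toCharArray();
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(passarray);
        return converter.getKeyPair(ckp.decryptKeyPair(decProv)).getPrivate();
    } else if (obj instanceof PEMKeyPair) {
        // Unencrypted key pair - no passphrase needed
        return converter.getKeyPair((PEMKeyPair) obj).getPrivate();
    } else if (obj instanceof PrivateKeyInfo) {
        // Unencrypted PKCS#8 key - no passphrase needed
        return converter.getPrivateKey((PrivateKeyInfo) obj);
    } else if (obj instanceof PKCS8EncryptedPrivateKeyInfo) {
        // Encrypted PKCS#8 key - decrypt with the provided passphrase
        PKCS8EncryptedPrivateKeyInfo cpk = (PKCS8EncryptedPrivateKeyInfo) obj;
        char[] passarray = (ofNullable(stringPassphrase).orElse("")).toCharArray();
        InputDecryptorProvider provider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(passarray);
        return converter.getPrivateKey(cpk.decryptPrivateKeyInfo(provider));
    } else {
        // Name the type only; the object's toString() could expose parsed content.
        throw new EncryptionException("Unable to get private key from " + obj.getClass().getName());
    }
}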
Also used : PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMParser(org.bouncycastle.openssl.PEMParser) InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider) EncryptionException(com.evolveum.midpoint.prism.crypto.EncryptionException) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) JceOpenSSLPKCS8DecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)

Example 35 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project zeppelin by apache.

the class PEMImporter method createPrivateKey.

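/**
 * Reads a private key from a PEM file.
 *
 * <p>Supported contents are an encrypted or unencrypted key pair, an unencrypted PKCS#8
 * {@link PrivateKeyInfo}, and an encrypted PKCS#8 structure. {@code keyPassword} is used only for
 * the two encrypted forms. A file without a PEM object, or an encrypted key without a password,
 * fails with a {@link GeneralSecurityException} instead of a {@code NullPointerException}.
 *
 * <p>Side effect: registers the BouncyCastle provider with the JVM if it is not already present.
 *
 * @param privateKeyPem file containing the PEM-encoded private key
 * @param keyPassword password for an encrypted key; may be {@code null} for unencrypted keys
 * @return the decoded private key
 * @throws IOException if the file cannot be read or the PEM content cannot be parsed
 * @throws GeneralSecurityException if the file holds no PEM object, the object type is not
 *         supported, or an encrypted key is supplied without a password
 * @throws OperatorCreationException if the PKCS#8 decryptor cannot be built
 * @throws PKCSException if an encrypted PKCS#8 key cannot be decrypted
 */
private static PrivateKey createPrivateKey(File privateKeyPem, String keyPassword) throws IOException, GeneralSecurityException, OperatorCreationException, PKCSException {
    // add provider only if it's not in the JVM
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
    try (PEMParser parser = new PEMParser(Files.newBufferedReader(privateKeyPem.toPath()))) {
        Object privateKeyObject = parser.readObject();
        if (privateKeyObject == null) {
            // readObject() returns null when the file contains no PEM object.
            throw new GeneralSecurityException("No PEM object found in private key file");
        }
        boolean encrypted = privateKeyObject instanceof PEMEncryptedKeyPair
                || privateKeyObject instanceof PKCS8EncryptedPrivateKeyInfo;
        if (encrypted && keyPassword == null) {
            throw new GeneralSecurityException("Private key is encrypted but no password was provided");
        }

        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        if (privateKeyObject instanceof PEMEncryptedKeyPair) {
            // Encrypted key pair - decrypt with the provided password
            PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyObject;
            PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(keyPassword.toCharArray());
            return converter.getKeyPair(ckp.decryptKeyPair(decProv)).getPrivate();
        } else if (privateKeyObject instanceof PEMKeyPair) {
            // Unencrypted key pair - no password needed
            return converter.getKeyPair((PEMKeyPair) privateKeyObject).getPrivate();
        } else if (privateKeyObject instanceof PrivateKeyInfo) {
            // Unencrypted PKCS#8 key - no password needed
            return converter.getPrivateKey((PrivateKeyInfo) privateKeyObject);
        } else if (privateKeyObject instanceof PKCS8EncryptedPrivateKeyInfo) {
            // Encrypted PKCS#8 key - decrypt with the provided password
            PKCS8EncryptedPrivateKeyInfo ckp = (PKCS8EncryptedPrivateKeyInfo) privateKeyObject;
            InputDecryptorProvider devProv = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(keyPassword.toCharArray());
            return converter.getPrivateKey(ckp.decryptPrivateKeyInfo(devProv));
        } else {
            throw new GeneralSecurityException("Unsupported key type: " + privateKeyObject.getClass());
        }
    }
}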
Also used : KeyPair(java.security.KeyPair) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) GeneralSecurityException(java.security.GeneralSecurityException) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMParser(org.bouncycastle.openssl.PEMParser) InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider) PemObject(org.bouncycastle.util.io.pem.PemObject) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) JceOpenSSLPKCS8DecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Aggregations

PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)37 PEMParser (org.bouncycastle.openssl.PEMParser)35 JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)28 PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)17 IOException (java.io.IOException)13 InputStreamReader (java.io.InputStreamReader)13 PrivateKey (java.security.PrivateKey)12 PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair)12 StringReader (java.io.StringReader)11 PEMDecryptorProvider (org.bouncycastle.openssl.PEMDecryptorProvider)11 JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)11 InputStream (java.io.InputStream)10 KeyPair (java.security.KeyPair)8 Reader (java.io.Reader)7 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)7 PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)7 JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)6 InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)6 PemObject (org.bouncycastle.util.io.pem.PemObject)6 KeyFactory (java.security.KeyFactory)5